A
Aaron
http://www.infoprocess.com.au/antihook.php
" AntiHook is a unique desktop-based Intrusion Detection and Prevention
(IDP) product. AntiHook dynamically protects your privacy, operating
system and applications from malicious software, such as Spyware,
Rootkits, Keyloggers, Code Injection, and Trojans.
Exhaustive Real-time Protection
AntiHook is kernel mode protection that detects and prevents attacks in
real-time. It can be trained to isolate malicious activity. AntiHook
ensures the integrity of the operating system by blocking and reporting
any suspicious activity, including the following:
1. Launching of malicious applications and processes.
2. Termination or killing of your critical security applications (e.g.
Firewall, Anti-virus, and Anti-spyware software).
3. Loading of suspicious DLLs (e.g. IE Browser Helper Objects, ActiveX
components, COM objects).
4. Execution of code in a remote program (e.g. Trojans or Malware
modifying the memory space of an external application and executing
malicious code).
5. Remote injection of code through standard Win32 API calls to the
CreateRemoteThread() API or other native APIs called from within
Rootkits.
6. Installation of Kernel Device Drivers (Kernel Rootkits) that
integrate and then maliciously alter the Windows operating system.
7. Registration of programs for loading on PC start-up or when the
user logs on to the system.
8. Registration of Initialisation DLLs that load each time a new
application starts.
9. Installation of system-wide Windows hooks by using standard Win32
APIs or native APIs.
10. Attaching a debugger to another process.
A Unique Approach
1. AntiHook provides kernel mode protection.
2. The AntiHook solution does not rely on lists of known Malware, so
no updates are required!
3. No connection to a server or the internet is required - the
protection is virtually built into the operating system!
4. You are protected immediately from all new threats - no lag-time
for updates to be published!
5. AntiHook is complimentary with all other computer protection
systems including anti-virus, firewall, and anti-spyware systems.
AntiHook even protects these systems from malicious attack!
6. AntiHook blocks first, and then asks second. Prevention is better
than cure!
7. The AntiHook solution is optimised for the Microsoft Window
environment and has no noticeable impact on system performance."
Very complete defense. Also very annoying to use at the start, until you
got everything trained.
It does pratically everything Diamond CS's Processguard (full version)
and System Safety Monitor does and more.
Not recommended for beginners. Those of you playing with SSM might
consider trying this instead. Something to use if you already have
Antivirus, firewall, and wnat to play with more.
Requires NET framework 1.1, if you want to set rules ,which you
definitely do want to.
Requires email registration.
" AntiHook is a unique desktop-based Intrusion Detection and Prevention
(IDP) product. AntiHook dynamically protects your privacy, operating
system and applications from malicious software, such as Spyware,
Rootkits, Keyloggers, Code Injection, and Trojans.
Exhaustive Real-time Protection
AntiHook is kernel mode protection that detects and prevents attacks in
real-time. It can be trained to isolate malicious activity. AntiHook
ensures the integrity of the operating system by blocking and reporting
any suspicious activity, including the following:
1. Launching of malicious applications and processes.
2. Termination or killing of your critical security applications (e.g.
Firewall, Anti-virus, and Anti-spyware software).
3. Loading of suspicious DLLs (e.g. IE Browser Helper Objects, ActiveX
components, COM objects).
4. Execution of code in a remote program (e.g. Trojans or Malware
modifying the memory space of an external application and executing
malicious code).
5. Remote injection of code through standard Win32 API calls to the
CreateRemoteThread() API or other native APIs called from within
Rootkits.
6. Installation of Kernel Device Drivers (Kernel Rootkits) that
integrate and then maliciously alter the Windows operating system.
7. Registration of programs for loading on PC start-up or when the
user logs on to the system.
8. Registration of Initialisation DLLs that load each time a new
application starts.
9. Installation of system-wide Windows hooks by using standard Win32
APIs or native APIs.
10. Attaching a debugger to another process.
A Unique Approach
1. AntiHook provides kernel mode protection.
2. The AntiHook solution does not rely on lists of known Malware, so
no updates are required!
3. No connection to a server or the internet is required - the
protection is virtually built into the operating system!
4. You are protected immediately from all new threats - no lag-time
for updates to be published!
5. AntiHook is complimentary with all other computer protection
systems including anti-virus, firewall, and anti-spyware systems.
AntiHook even protects these systems from malicious attack!
6. AntiHook blocks first, and then asks second. Prevention is better
than cure!
7. The AntiHook solution is optimised for the Microsoft Window
environment and has no noticeable impact on system performance."
Very complete defense. Also very annoying to use at the start, until you
got everything trained.
It does pratically everything Diamond CS's Processguard (full version)
and System Safety Monitor does and more.
Not recommended for beginners. Those of you playing with SSM might
consider trying this instead. Something to use if you already have
Antivirus, firewall, and wnat to play with more.
Requires NET framework 1.1, if you want to set rules ,which you
definitely do want to.
Requires email registration.